Описание
A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.
Ссылки
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:fanvil:x210_firmware:2.12.20:*:*:*:*:*:*:*
cpe:2.3:h:fanvil:x210:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
9.6 Critical
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
2 месяца назад
A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.
EPSS
Процентиль: 36%
0.0015
Низкий
9.6 Critical
CVSS3
Дефекты
CWE-79